Check out the new USENIX Web site. Other applications
previous up next Other considerations
Previous: Timestamps Up: Other applications Next: The current version of

The ERL idea also brings back the `natural' concept of trust in a broader sense -- it highlights the point of who trusts the certified entity, not the current notion of whom the certified entity trusts (or is forced to `trust').

The ERL system requires reliable support of computing and checking hash values, in some cases supported by time-stamping services. It is also desirable to have the supportive mechanisms embedded within the existing computer environment (hardware, OS, Web browser or so).

We believe that our system is easily applicable on current Web platforms. The Web browser or OS should include features to compute the hash value of an arbitrary input (software distribution file, etc.) and perform a check on the hash of a loaded HTML document. It would be advisable to support several different hashing algorithms to avoid any future problem or failure. Also, hashes should be stored within the bookmark file of the browser, where they could provide some level of document change control exploitable for cache management, triggering warning mechanisms where relevant, etc.

Fabien A.P. Petitcolas, Computer Laboratory, University of Cambridge